Sirdata's Consent Management Platfom (CMP) performs two actions automatically :
- It makes it possible to validly implement the legal bases for processing personal data (transparency on the processing, types of data processed, and third parties involved, right to oppose legitimate interests and collection of informed, free, specific and unambiguous consent)
- It provides third parties with a signal of choice when each page loads
For partners like Google or Sirdata who use "Smart Tags" capable of decoding this choice, the publisher does not need anything else !
These publisher's advertising partners will communicate with the API exposed by Sirdata CMP or receive the signal transmitted using the gdpr and gdpr_consent parameters, in order to know the choices made by the Internet user.
But, many market players don't know yet how to properly manage these signals and leave it to publishers to manage the firing of their tags.
If the publisher doesn’t carry out voluntarily this firing management, the scripts of its partners de facto deposit a cookie before the user can make any choice, or even after a refusal to consent expressed by the latter.
In this case, the CMP only fulfills its main role (prior information and implementation of the legal bases of processing), but it cannot fulfill the function of managing the firing of its tags for the publisher.
In terms of case law relating to cookies, the publisher is always considered to be controller , possibly joint-controller, for cookies placed on its website. Whether these are so-called "first party" or "third party" cookies does not change anything.
To call the tags of its partners at the right time, an editor must therefore :
- Use a CMP: Sirdata CMP ensures that its setting fully complies with the ePrivacy directive, GDPR and the recommendations of the authorities.
- Check each tag and each beacon on its site or in its tag manager to ensure that no cookie or other tracker (local storage, indexdb, etc.) is placed without the prior consent of the user.
The first step that consists in installing Sirdata CMP, is a breeze. In 5 minutes, a website editor gets a script that he can copy and paste into the "head" section of all pages of its website.
The second step, just as important, requires referencing the processing operations carried out by the publisher's partners, and the purposes of these processing operations. It is also necessary to define whether trackers are used, and if so, determine whether they are exempt from consent or not.
When all this information is gathered, and after updating the CMP, if necessary to display the missing partners or purposes, it is necessary to set up the firing management of the tags, that is to say to modify the tags of the partners so as to trigger them only when authorized.
Many publishers have a lot of doubts, if not worse, none. The risks of error, and therefore infringement, are very high. For everyone, Sirdata offers to perform all these checks and controls on behalf of the publisher.
It all starts with a review and the calculation of an overall compliance score.
We then analyze each tag and beacon to determine if they are functional, exempt or consent-based trackers. If they are subject to consent, for example, we put in place a granular and specific firing management system.
This service is provided on estimate and from € 1,000 excluding tax per site.
At the end of the service, Sirdata provides a full GDPR and ePrivacy audit to assess the new compliance and ensure that the score has gone green.
You want to contact us, here it is :